The calendar says today is Aug. 4. But according to the 9/11 Commission, today is Sept. 10. Additionally, yesterday was Sept 10. And odds are tomorrow will be as well when it comes to national preparedness against cyber attacks.
“Reflections on the 10th Anniversary of the 9/11 Commission Report,” which was issued last month, says “senior leaders with whom we spoke are uniformly alarmed by the cyber threat to the country. One former agency head said, 'We are at Sept.10th levels in terms of cyber preparedness.'”
The report says that U.S. companies' “most-sensitive patented technologies” and intellectual property — as well as university research, critical infrastructure and defense capabilities — are all under cyber attack.
“One lesson of the 9/11 story is that, as a nation, Americans did not awaken to the gravity of the terrorist threat until it was too late,” according to the report. “History may be repeating itself in the cyber realm.”
Many of the same points were made by speakers at Business Insurance's cyber security summit in Washington in late May, and no doubt will be made by other experts in the field in other forums to come. Digital-age Paul Reveres are raising the alarm — but are we really listening?
The report says the federal government itself bears much of the blame for the situation, claiming that officials have done a poor job of going beyond generalities in explaining what's being done and why data collection is critical to cyber security defenses. But the same officials have to make sure that data collection is no broader than necessary.
In a post-Edward Snowden world, that's a must. Citizens are rightly concerned about the trampling of civil liberties in the name of security — government overreach is a real issue.
So dealing with a growing threat will require a balancing of interests. That's going to be difficult, but “difficult” isn't a synonym for “impossible.”
Part of the problem with getting cyber security legislation passed is the same problem that has soured the atmosphere in Washington for years — extreme partisanship. But if there's an issue that ought to transcend partisanship today, cyber security should be recognized as that issue.
After all, this is an issue of national security — period. It demands to be treated as such. The nature of the cyber security threat mutates every day, which means that the good guys must play a constant game of catch-up. Doing what's necessary to make their jobs easier and more effective is critical.
The 9/11 Commission report again has sounded the alarm: It's Sept. 10. Unless cyber security is taken more seriously, the risks facing an unprepared nation will continue to grow until we all wake up — if we're lucky — on post-cyber catastrophe Sept. 12.